Add the two pam_tally.so lines (highlighted in blue in the original post) to the /etc/pam.d/system-auth file as shown below:
auth required /lib/security/$ISA/pam_env.so
auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
account required /lib/security/$ISA/pam_tally.so per_user deny=5 no_magic_root reset
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
The first added line counts failed login and failed su attempts for each user.
By default, attempted accesses are recorded in /var/log/faillog.
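After editing, it is worth confirming that pam_tally.so really is present in both the auth and account stacks and that each rule sits on a single line (PAM only continues a rule across lines after a trailing backslash). The following checker is an added example, not part of the original post; the function names and the embedded sample are constructed for illustration, and it assumes simple one-word control flags as used above.

```python
import re

VALID_TYPES = {"auth", "account", "password", "session"}

# Constructed sample: the pam_tally-related part of the stack shown in the post.
SAMPLE = """\
auth required /lib/security/$ISA/pam_env.so
auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
account required /lib/security/$ISA/pam_tally.so per_user deny=5 no_magic_root reset
"""

def parse_pam(text):
    """Split a pam.d file into (type, control, module, args) entries.

    Returns (entries, errors). Assumes simple one-word controls, as in the post.
    """
    entries, errors = [], []
    text = re.sub(r"\\\r?\n", " ", text)      # backslash-newline continues a rule
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if fields[0] not in VALID_TYPES or len(fields) < 3:
            # Typical cause: module arguments wrapped onto their own line.
            errors.append(line)
            continue
        entries.append((fields[0], fields[1], fields[2], fields[3:]))
    return entries, errors

def audit_tally(text):
    """Report whether pam_tally.so is in both stacks and which deny= applies."""
    entries, errors = parse_pam(text)
    result = {"auth": False, "account": False, "deny": None, "errors": errors}
    for mtype, _control, module, args in entries:
        if module.rsplit("/", 1)[-1] != "pam_tally.so":
            continue
        if mtype in ("auth", "account"):
            result[mtype] = True
        for arg in args:
            if arg.startswith("deny="):
                result["deny"] = int(arg.split("=", 1)[1])
    return result

if __name__ == "__main__":
    print(audit_tally(SAMPLE))
```

To check a live system, pass the contents of /etc/pam.d/system-auth to audit_tally(); a non-empty "errors" list or a "deny" of None means the lockout threshold is not in effect as written.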